CVSS: 7.8EPSS: 88%CPEs: 75EXPL: 1CVE-2011-3315 – Cisco - 'file' Directory Traversal
https://notcve.org/view.php?id=CVE-2011-3315
27 Oct 2011 — Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049. Vulnerabilidad d... • https://www.exploit-db.com/exploits/36256 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 74EXPL: 0CVE-2011-2072
https://notcve.org/view.php?id=CVE-2011-2072
03 Oct 2011 — Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x through 3.2.x, and Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su4, 8.x before 8.5(1)su2, and 8.6 before 8.6(1) allows remote attackers to cause a denial of service (memory consumption and device reload or process failure) via a malformed SIP message, aka Bug IDs CSCtl86047 and CSCto88686. Una vulnerabilidad de pérdida de memoria en Cisco IOS v12.4, v15.0 y v15.1, Cisco IOS XE v2.5.x hasta v3.2.x, y Cisco Unified Com... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110928-cucm • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 1%CPEs: 69EXPL: 0CVE-2011-1643
https://notcve.org/view.php?id=CVE-2011-1643
29 Aug 2011 — Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session, aka Bug IDs CSCti81574, CSCto63060, CSCto72183, and CSCto73833. Cisco Unified Communications Manager (también conocido como CUCM o formerly CallManager) v6.x, v7.x antes de v7.1(5b)su4, v8.0, y v8.5 antes de v... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f532.shtml • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2011-2560
https://notcve.org/view.php?id=CVE-2011-2560
29 Aug 2011 — The Packet Capture Service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x does not properly handle idle TCP connections, which allows remote attackers to cause a denial of service (memory consumption and restart) by making many connections, aka Bug ID CSCtf97162. El Packet Capture Service en Cisco Unified Communications Manager (también conocido como CUCM o CallManager) v4.x, no maneja adecuadamente las conexiones TCP inactivas, lo que permite a atacantes remotos provocar una d... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f531.shtml • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 0CVE-2011-2561
https://notcve.org/view.php?id=CVE-2011-2561
29 Aug 2011 — The SIP process in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(5b)su4 and 8.x before 8.0(1) does not properly handle SDP data within a SIP call in certain situations related to use of the g729ar8 codec for a Media Termination Point (MTP), which allows remote attackers to cause a denial of service (service outage) via a crafted call, aka Bug ID CSCtc61990. El proceso SIP en Cisco Unified Communications Manager (también conocido como CUCM o CallManager) v7.x antes de v... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f531.shtml • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 0CVE-2011-2562
https://notcve.org/view.php?id=CVE-2011-2562
29 Aug 2011 — Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su3, 8.x before 8.0(3a)su1, and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (service outage) via a SIP INVITE message, aka Bug ID CSCth43256. Vulnerabilidad no especificada en Cisco Unified Communications Manager (también conocido como CUCM, CallManager) v6.x antes de v6.1(5)su2, v7.x antes de v7.1(5b)su3, v8.x antes de v8.0(3a)su1, y v8.5 ante... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f531.shtml •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2011-2563
https://notcve.org/view.php?id=CVE-2011-2563
29 Aug 2011 — Unspecified vulnerability in the Service Advertisement Framework (SAF) in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 8.x before 8.5(1) and Cisco Intercompany Media Engine 8.x before 8.5(1) allows remote attackers to cause a denial of service (device reload) via crafted SAF packets, aka Bug ID CSCth26669. Vulnerabilidad no especificada en el Service Advertisement Framework (SAF) en Cisco Unified Communications Manager (también conocido como CUCM, CallManager) v8.xantes de v8.5(1) y... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f531.shtml •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2011-2564
https://notcve.org/view.php?id=CVE-2011-2564
29 Aug 2011 — Unspecified vulnerability in the Service Advertisement Framework (SAF) in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 8.x before 8.5(1) and Cisco Intercompany Media Engine 8.x before 8.5(1) allows remote attackers to cause a denial of service (device reload) via crafted SAF packets, aka Bug ID CSCth19417. Vulnerabilidad no especificada en el Service Advertisement Framework (SAF) en Cisco Unified Communications Manager (también conocido cómo CUCM, formalmente CallManager) v8.x antes... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f531.shtml •
CVSS: 7.5EPSS: 2%CPEs: 47EXPL: 0CVE-2011-1604
https://notcve.org/view.php?id=CVE-2011-1604
03 May 2011 — Memory leak in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5b)su3, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (memory consumption and process failure) via a malformed SIP message, aka Bug ID CSCti42904. Vulnerabilidad no especificada en Cisco Unified Communications Manager (también conocido como CUCM o CallManager) v6.x antes de v6.1(5)su2, v7.x antes de v7.1(5b)su2, v8.0 antes de v8.0(3), y... • http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0051.html • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 2%CPEs: 46EXPL: 0CVE-2011-1605
https://notcve.org/view.php?id=CVE-2011-1605
03 May 2011 — Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su2, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCth39586. Vulnerabilidad no especificada en Cisco Unified Communications Manager (también conocido como CUCM o CallManager) v6.x antes de v6.1(5)su2, v7.x antes de v7.1(5b)su2, v8.0 antes de v8.0(3), y v8.5 antes d... • http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0051.html •